doc fix in C::P::Auth + debug messages in C::P::Auth::Cred::Password

diff --git a/lib/Catalyst/Plugin/Authentication.pm b/lib/Catalyst/Plugin/Authentication.pm
index 8dd1a19..3f80433 100644 (file)
--- a/lib/Catalyst/Plugin/Authentication.pm
+++ b/lib/Catalyst/Plugin/Authentication.pm
@@ -397,7 +397,7 @@ leverage this. Add the role authorization plugin:
     sub restricted : Local {
         my ( $self, $c ) = @_;
 
-        $c->detach("unauthorized") unless $c->check_user_roles("admin");
+        $c->detach("unauthorized") unless $c->check_roles("admin");
 
         # do something restricted here
     }

diff --git a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
index b5c14cb..7ade966 100644 (file)
--- a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
+++ b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
@@ -13,26 +13,48 @@ sub login {
     my ( $c, $user, $password ) = @_;
 
     for ( $c->request ) {
-             $user ||= $_->param("login")
-          || $_->param("user")
-          || $_->param("username")
-          || return;
-
-             $password ||= $_->param("password")
-          || $_->param("passwd")
-          || $_->param("pass")
-          || return;
+        unless ( $user ||= $_->param("login")
+            || $_->param("user")
+            || $_->param("username") )
+        {
+            $c->log->debug(
+                "Can't login a user without a user object or user ID param");
+            return;
+        }
+
+        unless ( $password ||= $_->param("password")
+            || $_->param("passwd")
+            || $_->param("pass") )
+        {
+            $c->log->debug("Can't login a user without a password");
+            return;
+        }
     }
 
-    $user = $c->get_user($user) || return
-      unless Scalar::Util::blessed($user)
-      and $user->isa("Catalyst:::Plugin::Authentication::User");
+    unless ( Scalar::Util::blessed($user)
+        and $user->isa("Catalyst:::Plugin::Authentication::User") )
+    {
+        if ( my $user_obj = $c->get_user($user) ) {
+            $user = $user_obj;
+        }
+        else {
+            $c->log->debug("User '$user' doesn't exist in the default store")
+              if $c->debug;
+            return;
+        }
+    }
 
     if ( $c->_check_password( $user, $password ) ) {
         $c->set_authenticated($user);
+        $c->log->debug("Successfully authenticated user '$user'.")
+          if $c->debug;
         return 1;
     }
     else {
+        $c->log->debug(
+            "Failed to authenticate user '$user'. Reason: 'Incorrect password'"
+          )
+          if $c->debug;
         return;
     }
 }